From Linux to Windows: The Series
A new security initiative from corporate has forced a change in how I do things, at least on my company laptop.
I’ve been running some form of Unix on my work desktop and laptop for something like 8 years now. CentOS Linux (a free Red Hat Enterprise clone) has been the latest distro, and probably [...]
nmap is your friend
One of my favorite tools for tracking down abusive LDAP clients is nmap .
Here’s the “standard” command line “SYN Stealth Scan” with O/S detection (invoked as root):
nmap -sS -O -PI -PT 10.0.44.56
And here’s your typical output:
Starting Nmap 4.20 ( http://insecure.org ) at 2010-02-17 13:49 EST
Interesting ports on 10.0.44.56:
Not shown: 1690 closed ports
PORT [...]
Desktop background colors
Been screwing around with different desktop background colors tonight and needed to make a note or two.
This color chart is a great resource. All 216 “Netscape” colors, rendered more or less accurately (at least on my monitor).
Right now I’ve got my background set to #336699.
Not sure, but I think #336699 is pretty close to the [...]
VMware buys Zimbra
A couple of years ago I did a brief piece on Zimbra, the Microsoft Exchange “replacement” that Stanford University had chosen as its new messaging platform. It turns out I wasn’t the only one that noticed, because Zimbra is now the property of VMware. As reported in The Register:
With the acquisition, Byun says, VMware is [...]
Clearing Solaris memory segments and semaphores
Sometimes you just need to wipe the slate clean.
When there’s a bunch of apps eating away at memory eventually something will tank. At that point just shutting stuff down may not be enough, especially when you’ve got to resort to the kill command to make them dead. Very often all those memory segments and semaphores [...]
Tripwire updates
Tripwire is an IDS (Intrusion Detection System) that used to come standard with Red Hat Enterprise Linux and other server operating systems. There is, and was, an open source version and a closed source “enterprise” version. In recent Red Hat releases the open source AIDE IDS is included with in the distribution.
AIDE (Advanced Intrusion Detection [...]
Securing OHS
There’s a technical paper over on SecureDBA covering the subject of securing the myriad of OHS (Oracle HTTP Server) versions out there.
Securing and Managing the Oracle HTTP Server by Kevin Sheehan and Brian Mulreany of Unisys is a free resource in pdf format. Get it, read it, and apply the advice contained therein. Includes extensive [...]